diff -urN strongswan-4.3.1/src/libstrongswan/asn1/asn1.c strongswan-4.3.1_asn1_rdn/src/libstrongswan/asn1/asn1.c
--- strongswan-4.3.1/src/libstrongswan/asn1/asn1.c 2009-05-15 10:01:29.000000000 +0200
+++ strongswan-4.3.1_asn1_rdn/src/libstrongswan/asn1/asn1.c 2009-06-18 21:23:59.000000000 +0200
@@ -296,6 +296,11 @@
 len = 256*len + *blob->ptr++;
 blob->len--;
 }
+ if (len > blob->len)
+ {
+ DBG2("length is larger than remaining blob size");
+ return ASN1_INVALID_LENGTH;
+ }
 return len;
 }
diff -urN strongswan-4.3.1/src/libstrongswan/asn1/asn1_parser.c strongswan-4.3.1_asn1_rdn/src/libstrongswan/asn1/asn1_parser.c
--- strongswan-4.3.1/src/libstrongswan/asn1/asn1_parser.c 2009-05-04 19:41:57.000000000 +0200
+++ strongswan-4.3.1_asn1_rdn/src/libstrongswan/asn1/asn1_parser.c 2009-06-18 21:23:59.000000000 +0200
@@ -158,7 +158,7 @@
 blob1->len = asn1_length(blob);
- if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len)
+ if (blob1->len == ASN1_INVALID_LENGTH)
 {
 DBG1("L%d - %s: length of ASN.1 object invalid or too large",
 level, obj.name);
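Review bot: The added `if (len > blob->len)` check sits after the multi-octet length loop, so it guards only the return path that runs through that loop. asn1_length begins outside this hunk, so I cannot see whether it has an earlier `return` (for example for a single-octet length). If it does, that path returns a length that was never compared with the remaining blob, and the asn1_parser.c hunk in this same patch removes the caller's `blob->len < blob1->len` comparison that would have caught it. Either apply the same comparison before every return that yields a length, or keep the caller-side comparison until all paths are confirmed to be covered.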
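Review bot: After this change the bound on `blob1->len` is no longer visible at the call site, so a reader of the new `if (blob1->len == ASN1_INVALID_LENGTH)` cannot tell that an oversized length is still rejected. I would add a comment above the condition, e.g. `/* asn1_length() returns ASN1_INVALID_LENGTH when the length exceeds blob->len */`, so that the dependency on the callee is recorded where the value is consumed. The body of the `if` continues past the end of the hunk, so how the error is handled is not visible here.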